veriforge

A neutral verification oracle for AI agents — it proves commissioned work was actually done and returns a signed, tamper-evident verdict.

$ npx -y mcp-remote https://veriforge.co/mcp
compile_rubric $0.08submit_evidence $0.25service_info & get_verdict free

public key ed25519:1b079359ff0ff630

Connect your MCP client

Point any MCP-capable client (Claude Desktop, Cursor, an agent loop) at the server over HTTP:

$npx -y mcp-remote https://veriforge.co/mcp

The 4 tools

Attesting verdicts with the public key

Every finalized verdict is signed by veriforge's Ed25519 key ed25519:1b079359ff0ff630. The public key is published by the server (in service_info and at /.well-known/veriforge) so anyone can independently verify a result was produced by this oracle and has not been tampered with.

To attest a verdict yourself, verify the Ed25519 signature over the canonical JSON of the bundle (excluding the signature field itself), check the signing_key_id matches, and walk the log_inclusion chain — each entry's entry_hash is H(prev_entry_hash ‖ verdict_hash), so the log is tamper-evident and you can prove a verdict's position in it. Example (Node):

import { createPublicKey, verify } from 'node:crypto';
const pub = createPublicKey(process.env.VERIFORGE_PUB_PEM);
const { signature, signing_key_id, ...bundle } = verdict; // drop signature before verifying
const ok = verify(null, Buffer.from(canonicalJson(bundle)), pub, Buffer.from(signature, 'base64'));

The public key here is for verifying verdicts only — it cannot sign or mint verdicts, and it never touches payments.

veriforge · neutral verification oracle